Peer-to-peer (p2p) networks provide the basis for the design of fully decentralized distributed systems, where data and computing resources are shared among participating peers (see, e.g., [13, 16, 56, 59, 61, 67]). Properties of such systems include scalability, self-stabilization, data availability, load balancing, and efficient searching. As p2p networks become more mature and established, a growing number of new applications emerge for them, with a corresponding need for assuring security in such applications. In particular, verifying the authenticity of stored content is a fundamental problem in p2p architectures, since resource sharing is the generally the core of the design goals of such systems.
Herein, data authentication in p2p networks is considered, where data originating from a trusted source is shared and dispersed over remote and untrusted network nodes and queried and retrieved by end-users through the exported network's API. The focus is on the basic put-get functionality over shared, distributively stored data objects that p2p systems support, as may be realized by any distributed data structure built over overlay p2p networks, including the class of distributed hash tables (DHTs). Various efficient implementations of DHTs [16, 56, 59, 61, 67] provide the core framework for designing and implementing more complex distributed applications built over DHTs. As these applications are growing in scale and complexity, the desire for security increases. It is desirable to guard users of p2p systems against misbehaving or malicious network nodes that falsify their actions after a put operation and their responses to a get operation. That is, it is desirable to achieve high information assurance by designing efficient cryptographic techniques that ensure data integrity and authentic data retrievals in DHTs.
However, most of the existing authentication techniques for contents in p2p networks are static, centralized and often insecure. For instance, existing DHTs that support data authentication use signatures and cryptographic hash functions on a per-object basis. This cannot guarantee full protection against malicious network nodes, since replay attacks can be easily launched where old, invalid data objects are incorrectly verifiable. In particular, there is currently no distributed implementation of the widely-used Merkle tree authentication scheme [48].